7 matches found
EUVD-2023-45034
Malicious code in bioql PyPI...
CVE-2023-40463
When configured in debugging mode by an authenticated user with administrative privileges, ALEOS 4.16 and earlier store the SHA512 hash of the common root password for that version in a directory accessible to a user with root privileges or equivalent access...
Design/Logic Flaw
When configured in debugging mode by an authenticated user with administrative privileges, ALEOS 4.16 and earlier store the SHA512 hash of the common root password for that version in a directory accessible to a user with root privileges or equivalent access...
CVE-2023-40463 Use of Hard-Coded Credentials
When configured in debugging mode by an authenticated user with administrative privileges, ALEOS 4.16 and earlier store the SHA512 hash of the common root password for that version in a directory accessible to a user with root privileges or equivalent access...
Design/Logic Flaw
RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become be...
CVE-2023-33243
RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become be...
Ubiquiti UniFi 5.2.7 Critical Vulnerability
Exploit for hardware platform in category web applications together with my colleague we found two uncritical vulnerabilities you'll find below. Product: UniFi AP AC Lite Vendor: Ubiquiti Networks Inc. Internal reference: ? Bug ID Vulnerability type: Incorrect access control Vulnerable version:...